Blog
Life

Save the Nigerian astronaut (Facts about Phishing Part 1)

11 comments

Have you heard of Major Abacha Tunde? This brave Nigerian man has been spending his life on a Russian secret space station since 1990 and can only see his beloved home from orbit. Unfortunately, he cannot come home because his country doesn't have the foreign exchange to bring him back. Tragic isn't it? But you can help him and make it rich in the process! This good man naturally cannot spend his luxurious salary (no duty free shops in space) and Amazon only delivers world-wide. For only a few thousand Euros you can help Major Abacha Tunde get back to earth - and collect a giant yield. Don't believe me? Good for you! This is just one bizarre example of a phishing mail meant to cheat you out of your money. Read on to learn what phishing is all about!

An unknown hero: Major Abacha Tunde

World-wide operating scammers use phishing mails to extract important (bank account) data or money from you. Both their methods and professionalism varies widely. Sometimes, they will pretend to act on behalf of your bank, other times it's about package delivery, flowers or highly lucrative investments. The classic approach is to use fake sites or forms to trick you into filling in your bank information or get you to make a transfer. For that, official mails and websites are copied down to the last detail. Malware will also be used to direct you to fraudulent sites or log your keystrokes (including online banking). Once you receive a suspicious error after you made a transfer it's already too late.

Kindly provide your bank account data for a transfer...

A typical fishing attempt involves using a fake copy of your bank's website to extract your login credentials, PIN number and TANs. Things get particularly dangerous when you're dealing with professionals Ihat have most of your personal information already filled in and provide links to authentic looking "bank websites". Usually, you'll be notified that due to technical issues (restructuring, authentication problems etc.) you need to input or confirm your data. My advice in these cases - keep it cool and start thinking. Has your bank ever contacted you in this way before? My guess is no. Banks tend to send letters. Get in contact with your bank before you click a suspicious link or input any data. Your bank will be familiar with these inquiries and quickly check their validity.

Scammers make millions with phishing attacks

A letter from a lawyer

Things get even more perfidious when criminals try to put psychological pressure on you. Alleged lawyers will line up dozens of paragraphs to scare regular Joes using terms such as "final notice" in their mails to make you feel guilty and coerce you into acting rashly. To keep you from seeking professional help, they will frequently allude to pornography or other sensitive matters and ask you for manageable amounts. Basically, criminals are counting on your willingness to pay a two- or three-figure sum to be left alone. If enough people pay, they'll still make a handsome profit.

When greed makes you stupid

The Nigerian Connection has gained some notoriety over the past few years. Known as advance fee frauds, their schemes involved advance payments with the prospect of making a huge profit in return. Victims were told that the sender needed their help to access large funds and that for a fee, they would be entitled to a princely sum of money, often millions of dollars. Not only did the scammers use authentic looking mails but they also created "official" websites for banks, dignitaries and the government to deceive their readers. I'd call that well-organized crime. Recipients were usually asked to pay fees or bribe money. Inheritance frauds, alleged lottery wins or trustee services are similar ploys that have already caused millions of Euros worth of damage. It all may seem laughable to persons unconcerned - but it was done so well that it worked. It was mainly a game of greed that also made recipients feel superior, like they had been singled out from the masses. Great efforts were made, inquiries were competently and professionally answered. Everything seemed so believable that one American lady opted to pay a second time even after having been notified by the police that she fell victim to a fraud. She apparently believed it to be merely a misunderstanding on the part of her African friends.

Love to your bank account

From afar with love

Another scheme that helped cheat countless victims of large amounts of money operates on an emotional level. Whether it's simply lust or the love of your life - in the end it's all about money, again. This scheme targets users of online dating services but emails are also sent out randomly. Potential partners from abroad are putting their passionate love to (electronic) paper, how thoughtful. Even video chats or phone calls are possible. All it takes for the long-awaited meeting (that will never happen, of course) to take place is a bank transfer to pay for a hospital stay, a debt, passport formalities or the like. And close relatives, police officers or friends will be happy to testify to the credibility of the lover in distress. The stronger the emotional bond, the more dire the situation - the quicker victims will open their wallets. Common sense to the rescue: How quickly do often highly attractive men/women really fall in love? How do they react once you rule out any payments? How likely are the reported circumstances? It's often hard to keep a level head!

These were just a few examples and some background information on the topic of phishing. Next week, you will learn how to spot phishing mails and how to act when you do.

11 comments
  • C

    It seems that I have been targeted by these idiots the normal one is you have won $10,000,000 or a outstanding invoice please pay to stop legal action.

    These all end up in the same place the bin. Get about five a day, please remember NEVER reply to them.

  • O

    I saw your article a few days ago and thought that I would write in to complain about the references to Nigeria(n) scams.

    Whilst I understand that you were trying to address a genuine issue, I as a Nigerian who has lived primarily in the United Kingdom for the best part of 25 years know for certain that scammers exist every where in the world including the US , UK & Europe. Hence I am sick of this tired joke of either intentionally or otherwise portraying Nigeria(ns) in bad light.

    I would also assure you that criminals and scammers are severely punished when the law gets hold of them in Nigeria. I am not easily offended but unhappy at stereotyping and reinforcement.

    Perhaps you may want to note that there was a previous successful prosecution of a newspaper columnist by the Nigerian government in the UK a number of year ago in line with these same matters.

    Nigerians are hard working people who are like every other persons in the world hard working and decent people. With a population in excess of 150million, there are bound to be unscrupulous elements and bad people.

    I noticed that you have responded to a previous comment from Dolapo Ogunsile on 2016/02/26 However your article is titled "Save the Nigerian astronaut", hence your claim that the article makes no reference or mention of Nigeria or Nigerians is in fact false. However, your apology is noted but your excuse is lame.

    I hope you will learn to manage the tone and language in future articles. Believe me if the shoes were on the other side and someone was "bad-mouthing" your country you will feel bad.

    Do you honestly believe that *as a German* I do not know how to live with national clichés? :)

    Seriously, during my research, I stumbled upon the organisation termed “Nigeria Connection” so many times that I had to mention it. Would you be able write about Rock and Roll roll and make no mention of Elvis? And Major Tunde was such a funny phishing example irrespective of the nationality, I would have included it just the same if he had been made up to be from Germany, Uzbekistan or the United States.

    Prejudgement of any race or nationality is *the last thing* we need and this article was neither intended this way nor does it strike me as such after having read it multiple times. But I promise that I will take great care to avoid anything that might be considered insulting or cause misunderstandings in the future.

  • D

    Another prime source of dodgy emails is spurious Amazon and PayPal scammers.

    I invariably get a shower of these every time I use Amazon and PayPal, I have attempted to take this up with Amazon but they are not interested.

    ALWAYS inspect the headers of all emails from suspicious sites, sometimes they will appear perfect at first glance but have a minor spelling change, possibly an accented letter or a '0' instead of an 'o'.

    Anything coming from a mail server in Nigeria, Russia, Kenya, Ukraine, Tuvalu or similar that claims your account is being closed/altered/etc. is always going to be dodgy.

    Use some sort of email client or server that has a whitelist/blacklist capability and keep it up to date.

    Eternal vigilance is the price of etc, etc, etc.

    My favourite was one that told me my bank account had been frozen, and in order to get it *defrosted* I had to click the URL...

    I've kept that one!

  • S

    Whose to say that the E.U. or the various governments in Europe are not phishing most of them vicariously using the word austerity to scam us all. Every organ of the media is part of this scam regardless of their claimed affiliations they all jump on the bandwagon and orchestrate a charm offensive upon our sense of reality all repeating the same old mantra till we believe in belief to beleave without questioning why.

    Does your local MP ...really represent you to parliament or do they represent parliament to you? Does he/she ever trouble themselves to seek to find out what you prefer. When someone wins an election they automatically give up the right to an opinion of their own if they didn't they betray us outright. Our ..democratic representatives are supposed to do exactly as we their constituents tell them to do that kind of action is a process called democratic representation does it happen - in my opinion the answer is - no!

  • D

    Scamming and phishing are two hydra headed online crimes worldwide and should not be localized to Nigeria alone. I think it is grossly irresponsible and downright appalling for the Sven to say "Nigerians"like every Nigerian is into scamming or phishing.

    While I do not dispute that truly some unscrupulous individuals from Nigeria do scam and phish online, the phrase should have been "Some Nigerians"and not "Nigerians". Last year i fell victim to a scammer resident in the US, does that make EVERY American a scammer? Would it be right for me to say Americans are scammers? I have been a customer of Ashampoo for years and I am Nigerian, I accept that some of my fellow Nigerians are criminally minded but same problem exists in every country. Not ALL NIGERIANS are into phishing!

    Apologies if you feel insulted but there was no mention of "Nigerians" in general in this arcticle

    nor was it my intent to portray all Nigerians as criminals. The case of Major Abacha Tunde whom the creators,

    whatever country they may be from, made up to be a Nigerian is a very recent example

    of a scamming letter. The "Nigerian Connection" was a term used by

    German officials to describe a phishing scheme that did indeed originate from Nigera.

    We do in no way, shape or form consider Nigeria to be a country of 177 million criminals.

  • S

    Beware of offers of free goods. All you have to do is pay the postage of say $9.95.

    Seems too good to be true. You check the box that you agree to the "Terms and conditions" and they are too lengthy to read. (Read them)

    They will reveal that you have subscribed to a monthly purchase of $200 or more.

    Even if you cancel after the first one they still have the first payment.

    This is a common scam. Never go for anything which is free.

  • A

    I wonder if you can Phish the phishers by opening an account in an institution where you have no other accounts, then tell the phisher that your bank will not allow money transfers except to people who have already transferred money to you, and ask the phishers for $100 or so in order to facilitate your sending money to them!

    The industry is not well coordinated, I once got spam from a beautiful Russian woman looking for romance and a business selling discounted Viagra, all within the same few minutes.

    Please do not attach my full name to this post?

  • T

    The Nigerians used to send their phishing by snail mail. I received a few of these, which were consigned to the appropriate receptacle. While visiting my son's inlaws one day, they received one of these and were actually going to reply to it, until I alerted them to what it was. I haven't had a phishing email for years, probably due to a good security suite.

    While I was working with a group a few years ago, we were getting phishing texts on our mobile phones. We tried to outdo each other by bragging about how many millions we could be worth! Seriously, though, too many are so trusting that they fall victim to these schemes.

  • R

    Worthwhile comments

  • K

    Yes, this is bad for retired people. My elderly widow aunt fell for this when she first got her computer. She was a low income person with a big heart who thought she was doing good. Thank you for these articles. I really liked your last article about people who have their phones glued to their ear. I printed out your article to show to people.

  • R

    The thing to remember is - no bank will contact you via email asking for private info. Reputable businesses also know that email in an insecure method of communication and will not ask for confidential data. If in doubt (and you always should be) then contact the business by phone and ask if it is genuine. NEVER click the reply link as you are ony confirming that your email address is valid. Also don't trust emails from your own contacts. A while back I received an odd looking email from a personal contact stating that they were in a foreign country and were stranded due to having all their money stolen. They requested help by means of a money transfer. I phoned their UK number, and guess what they were home and had been plagued all night by other concerned friends who had received similar emails. It transpired that someone had hacked into their email account and sent emails to all of the peole in their contacts list.

About Ashampoo
Users
22+ million
Downloads
500.000+ per month
World-wide
In over 160 countries
Experience
Over 25 years
Ashampoo icon